1. Field of the Invention
The present invention relates to a user authentication system that authenticates a user who logs in a manipulation monitoring terminal, and a plant control system having the user authentication system.
Priority is claimed on Japanese Patent Application No. 2010-240572, filed Oct. 27, 2010, the content of which is incorporated herein by reference.
2. Description of the Related Art
All patents, patent applications, patent publications, scientific articles, and the like, which will hereinafter be cited or identified in the present application, will hereby be incorporated by reference in their entirety in order to describe more fully the state of the art to which the present invention pertains.
FIG. 4 is a functional block diagram illustrating an example of a constitution of a user authentication system in a plant control system in accordance with the related art. The plant control system includes a control bus 10, manipulation monitoring terminals 20 and 30, and control devices 40, 50 and 60.
The manipulation monitoring terminals 20 and 30, and the control devices 40, 50 and 60 are each connected to the control bus 10. The control devices 40, 50 and 60 communicate with the manipulation monitoring terminals 20 and 30 via the control bus 10, thereby controlling a field device of a plant.
In general, control devices and a control bus are redundant to ensure the continuity of a plant operation at a high level. Also, manipulation monitoring terminals can perform functions of each other. In this way, an operation of a plant is not disabled due to problems with one manipulation monitoring terminal.
For security reasons, manipulation monitoring terminals authenticate users who log in. In the example of the constitution of FIG. 4, local user authentication units 21 and 31 separately mounted in the plant control system are included in the manipulation monitoring terminals 20 and 30 respectively, and authenticate users who log in. User authentication is performed by the respective local user authentication units, and thus is independent in the respective manipulation monitoring terminals.
FIG. 5 is a functional block diagram illustrating another example of a constitution of a user authentication system in a plant control system in accordance with the related art. FIG. 5 shows an example of a user authentication system using a function of a general operating system (OS), for example, a domain management mechanism of Windows.
The plant control system includes a control bus 10, manipulation monitoring terminals 20 and 30, control devices 40, 50 and 60, an information network 70, and a domain controller 80. The manipulation monitoring terminals 20 and 30, and the control devices 40, 50 and 60 are each connected to the control bus 10. The manipulation monitoring terminals 20 and 30 and the domain controller 80 are each connected to the information network 70.
The manipulation monitoring terminals 20 and 30 communicate with the domain controller 80 through the information network 70. The domain controller 80 has a domain user authentication unit 81. The domain user authentication unit 81 manages user names and passwords of all users belonging to a corresponding domain.
Local user authentication units 21 and 31 separately mounted in the plant control system are included in the manipulation monitoring terminals 20 and 30 respectively, and authenticate users who log in. When a user authentication operation is performed by the local user authentication units 20 and 30, a user name and password that a user has input are transferred to the domain controller 80 through the information network 70. The domain user authentication unit 81 of the domain controller 80 authenticates the user name and password, and the user authentication is successful when the user name and password are verified.
In the user authentication system using the domain controller 80, user management is not performed by the respective manipulation monitoring terminals 20 and 30 but is intensively performed by the domain controller 80. In this way, the following four advantages are obtained.
1. Duplication of user names can be prevented.
2. Passwords of a user can be unified in the overall system.
3. The overall system is rapidly informed of user registration and deletion, password change, account log-out, and the like.
4. Only one administrator of a domain controller is authorized to authenticate a user in a domain. Thus, it is impossible to manage users with administrator rights for each manipulation monitoring terminal, and the security level is improved.
In the user authentication system using the domain controller 80 in accordance with the related art, the domain controller 80 and the information network 70 may generally become redundant. However, the domain controller 80 and the information network 70 do not have a high reliability as high as the control devices 40, 50 and 60 or the control bus 10. Thus, when user authentication is intensively managed by the domain controller 80, the availability of the overall system may be lowered to a level of the availability of the domain controller 80 and the information network 70.
When user authentication is managed by the local user authentication units mounted in the respective manipulation monitoring terminals, the level of availability can be maintained, but the above-mentioned security advantage cannot be obtained.